Infosecurity News

  1. AP Stylebook Breach May Have Hit Hundreds of Journalists

    Victims were targeted by follow-on phishing attacks

  2. Evil Telegram Mods Removed From Google Play

    Researchers warn of spyware hidden in legitimate-looking apps

  3. China Unleashes AI-Powered Image Generation For Influence Operations

    The findings come from a new report released by Microsoft Threat Analysis Center on Thursday

  4. Cyber-criminals Exploit GPUs in Graphic Design Software

    Cisco Talos reported that the campaign has been active since at least November 2021

  5. Google TAG Exposes North Korean Campaign Targeting Researchers

    The team has discovered the exploitation of at least one zero-day flaw in the last few weeks

  6. Russian Man Handed Nine-Year Sentence for Hacking Scheme

    Vladislav Klyushin hacked into US filing agents to discover non-public information about hundreds of companies on the US stock exchange

  7. Regulator to Investigate Fertility App Security Concerns

    ICO reveals over half of women are worried about their data

  8. CISA Adds Critical RocketMQ Bug to Must-Patch List

    Apache flaw can enable remote command execution

  9. Apple Patches Two Zero-Days Exploited in Pegasus Attacks

    Users of iOS devices urged to enable lockdown mode

  10. API Vulnerabilities: 74% of Organizations Report Multiple Breaches

    The Traceable report is based on insights from 1629 cybersecurity experts across the US, UK and EU

  11. DGA Behavior Shifts Raise Cybersecurity Concerns

    Akamai found domain shifts of 50 days from expected dates, suggesting hacker-driven confusion

  12. Zero-Day Flaw Exposes Atlas VPN User IPs

    The exploit code, shared by a researcher on Reddit, demonstrates the issue

  13. UK and US Sanction 11 Russians Tied to Trickbot/Conti Ransomware

    These new sanctions follow a first wave in February 2023, where seven Russians involved with Trickbot and Conti were also sanctioned

  14. IBM Reports Patient Data Breach at Johnson & Johnson Subsidiary

    The attackers may have accessed sensitive patient information, such as health insurance and medication details

  15. Chinese Hacker Steals Microsoft Signing Key, Spies on US Government

    The threat actor used the stolen key to breach 25 organizations, including US government agencies

  16. Think Tank Urges Labour to Promote “Securonomics” Agenda

    Progressive Britain wants the party to borrow from US security strategy

  17. Hundreds of Scam Pages Uncovered in Major Investment Fraud Campaign

    Users are first targeted by Facebook adverts

  18. UK Government Backs Down on Anti-Encryption Stance

    Statement to Lords heralds delay to on-device message scanning

  19. MITRE and CISA Release OT Attack Emulation Tool

    The open source tool will enable cyber teams to consistently test and boost the defenses of ICS environments

  20. Russia-Backed APT28 Tried to Attack a Ukrainian Critical Power Facility

    The attack has been carried out using legitimate services and standard software functions, CERT-UA observed

Why Not Watch?

  1. Audit & Compliance in the Era of AI and Emerging Technology

  2. How to Recover From a Cyber-Attack: A Step-by-Step Playbook

  3. Why Your Organisation Needs Trusted Time Synchronisation

  4. Five Non-Negotiable Strategies to Get Identity Security Right in 2026

What’s Hot on Infosecurity Magazine?